multi-ai-skill-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly instructs the agent to perform web research with the Gemini CLI and to pull GitHub patterns with Codex (see Step 1.2 "Gemini Web Research" and Step 1.3 "Codex GitHub Research"), causing the agent to ingest untrusted public web and user-generated GitHub content as part of its synthesis workflow and therefore enabling indirect prompt injection.